Aggregator

Submit #396895 / VDB-275721

Submit #396892 / VDB-275720

A vulnerability, which was classified as critical, has been found in Simple Job Board Plugin up to 2.12.3 on WordPress. This issue affects some unknown processing. The manipulation leads to code injection. The identification of this vulnerability is CVE-2024-7351. The attack may be initiated remotely. There is no exploit available.

Submit #396842 / VDB-275719

A vulnerability classified as problematic was found in SMSEagle up to 5.x. This vulnerability affects unknown code of the component SMS Message Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-37392. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Mage AI. This affects an unknown part of the component Pipeline Interaction Request Handler. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2024-45190. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Mage AI. It has been rated as critical. Affected by this issue is some unknown functionality of the component Git Content Request Handler. The manipulation leads to path traversal. This vulnerability is handled as CVE-2024-45189. The attack may be launched remotely. There is no exploit available.

Submit #396817 / VDB-275718

A vulnerability was found in Mage AI. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component File Content Request Handler. The manipulation leads to path traversal. This vulnerability is known as CVE-2024-45188. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Mage AI. It has been classified as critical. Affected is an unknown function. The manipulation leads to incorrect privilege assignment. This vulnerability is traded as CVE-2024-45187. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in flat file CMS 2.0.0-alpha.4 and classified as problematic. This issue affects some unknown processing of the component Template Body Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-40111. The attack may be initiated remotely. There is no exploit available.

I’m a little late (one whole month passed in a blink of an eye!). Let’s catch up.We briefly explored

Qilin ransomware steals credentials stored in Google ChromeSophos researchers investigated a Q

Sophos researchers investigated a Qilin ransomware breach attack that led to the theft of credentials stored in Google Chrome browsers. Sophos researchers investigated a Qilin ransomware attack where operators stole credentials stored in Google Chrome browsers of a limited number of compromised endpoints. The experts pointed out that the credential harvesting activity is usually not […]

As the back-to-school season begins, K-12 tech leaders face many cybersecurity and safety challenge

As the back-to-school season begins, K-12 tech leaders face many cybersecurity and safety challenges. To help smooth the transition to a secure start to the 2024-2025 school year, we recently hosted a webinar featuring Samuel Hoch, the Technology Director at Catoosa Public Schools, and Robert Batson, the Technology Director at Tahlequah Public Schools. In this ...

The post Enhancing School Safety with Cloud Monitor: A Powerful Cyber Safety Protection Tool appeared first on ManagedMethods Cybersecurity, Safety & Compliance for K-12.

The post Enhancing School Safety with Cloud Monitor: A Powerful Cyber Safety Protection Tool appeared first on Security Boulevard.

The Justice Department said it joined a whistleblower lawsuit over claims that the Georgia Institut

The malware is a customized variant of the powerful open source XenoRAT information stealing malware often deployed by Kimsuky and other DPRK APTs.

DOJ inspectors have found the FBI is not labeling hard drives and other storage devices holding sensitive that are slated for destruction, making them hard to track, and that boxes of them can sit in a poorly secured facility for months.

The post Audit: FBI is Losing Track of Storage Devices Holding Sensitive Data appeared first on Security Boulevard.